*.rfklive.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 02:9c:b6:27:57:43:37:2a:c0:80:a8:ce:57:77:68:b4 was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.rfklive.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 02:9c:b6:27:57:43:37:2a:c0:80:a8:ce:57:77:68:b4Serial Number (int): 3472148816953921919346978612401629364
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: b1:eb:1e:56:fb:07:e4:8c:13:30:cd:c8:6f:80:1f:42:9c:35:65:e7
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): e2:92:ef:9a:1e:57:d6:cc:7f:8a:01:3a:c0:c1:0b:bb:10:10:08:9c
Fingerprint (sha256): c1:29:a1:cb:10:7a:49:d2:29:68:6b:da:44:08:d9:f1:a2:19:cf:ef:d1:2b:e1:84:6e:75:d2:51:54:1d:71:16
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate *.rfklive.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.rfklive.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.rfklive.com
rfk.skechers.com
*.rfk.skechers.com
rfk.skechers.com
*.rfk.skechers.com
Other certificates including the domain name rfklive.com
(limited to 100 certificates)
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.uat.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.uat.rfklive.com
*.rfklive.com
Certificate
The complete raw certificate details for *.rfklive.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7TCCBNWgAwIBAgIQApy2J1dDNyrAgKjOV3dotDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMDgxMjAwMDAwMFoXDTI0MDkwODIzNTk1OVowGDEW MBQGA1UEAwwNKi5yZmtsaXZlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAMAzyp5FrHipL03Q7FxVptofyRRwks9mJX1QpnY3DTW1tzt7vAI1R/Ol fszBCXbkzUwbS799fIAvlvy8N+t/XdfVgYkitCwNL9VbvKCGCP1pX9yl+zpHTgLG hWbQzFJ/HdM7KjwWI+TUpnTpgki6EVK0FEAcYK/aanJ7uwPDnQ020XC7yVHPyFvx iawdnzBUWt3O6Kbk3ElMnpapWMkX6WKXUPGdDvSC8sw7f7tiPgQR54alFcaih4Ou +3Ppw+2JsC9B5zdU6RcO4fDOQKunitxlT/yaRHmE1G8oD6Zptz7qiNCRi8BVgqwc pftx52rdYNvc6vmBoXJJX4sgWlhMrBsCAwEAAaOCAw0wggMJMB8GA1UdIwQYMBaA FFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQWBBSx6x5W+wfkjBMwzchvgB9C nDVl5zA+BgNVHREENzA1gg0qLnJma2xpdmUuY29tghByZmsuc2tlY2hlcnMuY29t ghIqLnJmay5za2VjaGVycy5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js LnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwEwYDVR0gBAwwCjAIBgZn gQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5y Mm0wMy5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJt MDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYK KwYBBAHWeQIEAgSCAW8EggFrAWkAdgDuzdBk1dsazsVct520zROiModGfLzs3sNR SFlGcR+1mwAAAYnn5blcAAAEAwBHMEUCIQDClFe/42xvSxUQNPMuNWlQdNmi+BHF w5/UPEhQqcGiZgIgT/oeMwpXY9PKroxbaKxZo6RudBn2CkkQzDbKz/UzHnwAdwBI sONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYnn5bmGAAAEAwBIMEYC IQD3czZNsVmLRRAU+NSYNuPjEDOf3Oh1uv5oS2DId/XZoAIhALG6MKqSPvK7POi9 l3B3aUiXqKj4oyJUTW0d347RcxOnAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0 vaQ9MEjX+6sAAAGJ5+W5UgAABAMARzBFAiBRoOjrTGV+Wk7tKBqjXea2/2AmXa2K fyz70OHl65eCKQIhAKITOypGA6phamqdrXKTtUoUwaB8C1mTLb/rCFjJNLflMA0G CSqGSIb3DQEBCwUAA4IBAQCWZBjZWgtvaxqjvqmN9uEr9oM7RBRG2TlZppolFGBp 5g7JMOAY91wQbCUmpMRwxfvbWRpqpgS2hp4HtmPpkeqT/YZA683wbb6vE6QcnPPg 1lkzij82tNRgpmJ0jLEjmbfTrjBHvhcyJbsOY+ZDM9U5WjlQ+2Ga5KMc+bYrJ273 O0E8Nz2zRl3jZCrhbzW4tZ+ievkPIhXpFNWu8dD8HononYdouEWqB7I7xCogxSj2 KdllsWDUQG81Y+G8AeCcLnD6RKdZYeYUF/nuFfrCa77hL5wCBJbrND+TzqC6Xu8d V1o/eBCcWlN5tFzIdkR4TQl7k16DQ5ulLsmhmjJ4WWm9 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDPKnkWseKkvTdDsXFWm 2h/JFHCSz2YlfVCmdjcNNbW3O3u8AjVH86V+zMEJduTNTBtLv318gC+W/Lw3639d 19WBiSK0LA0v1Vu8oIYI/Wlf3KX7OkdOAsaFZtDMUn8d0zsqPBYj5NSmdOmCSLoR UrQUQBxgr9pqcnu7A8OdDTbRcLvJUc/IW/GJrB2fMFRa3c7opuTcSUyelqlYyRfp YpdQ8Z0O9ILyzDt/u2I+BBHnhqUVxqKHg677c+nD7YmwL0HnN1TpFw7h8M5Aq6eK 3GVP/JpEeYTUbygPpmm3PuqI0JGLwFWCrByl+3Hnat1g29zq+YGhcklfiyBaWEys GwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3472148816953921919346978612401629364 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-08 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.rfklive.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24263293882922836864820258127200525484623264522416937756549446203925779292127548380801631814030608214220300489051457859500593777379782795397944838340546177746648842246072688535488588069745933005854559010703603006392405442266708331358503026822177265127334825098024137448925886209494746125621296330328117320519566827421053991680859229510365769677226230823183725963771989970690696315797481373100979303539477572828464911819367376380969084120031425040726321469297550106742280589006908178750944555159484900462804996924823880391257344867219753372378261546313942755939713099827294970755283107733846083010294657080124305615899 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b1eb1e56fb07e48c1330cdc86f801f429c3565e7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rfklive.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rfk.skechers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rfk.skechers.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000189e7e5b95c0000040300473045022100c29457bfe36c6f4b151034f32e35695074d9a2f811c5c39fd43c4850a9c1a26602204ffa1e330a5763d3caae8c5b68ac59a3a46e7419f60a4910cc36cacff5331e7c00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000189e7e5b9860000040300483046022100f773364db1598b451014f8d49836e3e310339fdce875bafe684b60c877f5d9a0022100b1ba30aa923ef2bb3ce8bd977077694897a8a8f8a322544d6d1ddf8ed17313a7007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000189e7e5b9520000040300473045022051a0e8eb4c657e5a4eed281aa35de6b6ff60265dad8a7f2cfbd0e1e5eb978229022100a2133b2a4603aa616a6a9dad7293b54a14c1a07c0b59932dbfeb0858c934b7e5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00966418d95a0b6f6b1aa3bea98df6e12bf6833b441446d93959a69a25146069e60ec930e018f75c106c2526a4c470c5fbdb591a6aa604b6869e07b663e991ea93fd8640ebcdf06dbeaf13a41c9cf3e0d659338a3f36b4d460a662748cb12399b7d3ae3047be173225bb0e63e64333d5395a3950fb619ae4a31cf9b62b276ef73b413c373db3465de3642ae16f35b8b59fa27af90f2215e914d5aef1d0fc1e89e89d8768b845aa07b23bc42a20c528f629d965b160d4406f3563e1bc01e09c2e70fa44a75961e61417f9ee15fac26bbee12f9c020496eb343f93cea0ba5eef1d575a3f78109c5a5379b45cc87644784d097b935e83439ba52ec9a19a32785969bd